Here’s how the malware operates:
1) User installs the free version of the game on their smartphone.
2) The infected version of the game starts sending out thousands of spam SMS messages to a list of phone numbers obtained by the malware, from a command and control server.
3) These SMS messages include links to the same malicious apps, as well.
4) Spreading like wildfire from SMS, the cybercriminal botnet grew nearly exponentially – overnight.
The Hong Kong Police confirm that the malware communicates about once every minute to grab another fifty phone numbers, over standard HTTP protocol, then it sends a message to each of these numbers, with a 1.3 second delay after sending each message.
If you don’t have an unlimited SMS messaging plan and you are a victim, you’ll find your phone bill to be significant. Android users are advised to beware of suspicious applications, especially if they are advertised via unsolicited messages.
(Sources: CDM and Hong Kong Police)
Copyright (C) 2012-2013, Cyber Defense Magazine, a division of S.G. Samuels Publishing LLC
848 N. Rainbow Blvd. #4496, Las Vegas, NV 89107. EIN: 454-18-8465, DUNS# 078358935.
All rights reserved worldwide. firstname.lastname@example.org